PATENTS 

Attorney Docket No. SMY-017.01 

P3688 



REMARKS 

By the foregoing amendments, Applicants have revised independent claims 1 and 22 
to eliminate redundancy and generally improve their wording. They have additionally made 
numerous changes in the dependent claims 2-6, 14-21, 23-42, 44, 46-49, and 57-60 to 
improve their wording and make certain of them more accurate. For example, the new 
wording of claims 2 and 23 sets forth more accurately the relationship between the profile 
collection and operations recited in those claims. And claims 22-42 now recite the medium 
as being "processor-readable" rather than "processor-executable," because what the 
processor really executes is the instructions that the medium contains, not the medium itself. 
After these amendments, claims 1-64 remain pending in the application. 

Applicants' independent claim 1 is directed to a method of pro-actively refreshing 
credentials by an entity that maintains credentials. Among other things, the subject matter 
of Applicants' independent claim 1 includes using related information stored with respective 
credentials as the basis for determining which credentials should be refreshed in a pro-active 
refreshing operation. 

In the Office action, the Examiner has rejected claim 1 and other claims as defining 
subject matter anticipated by the contents of U.S. Patent No. 6,216.231 to Stubblebine, 
stating that "'23 1 teaches a protocols [sic] and policy for specifying constraints in a 
distributed system, having: a refreshing credentials entity, a memory, a profile collection, 
related information, examining a refresh policy, replacing a credentials, updating the profile, 
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and repeating the actions, storing a credential identifier, when credential issued, recent use, 
older time/expired, recency requirements, and use for subsequent sessions." 

Applicants respectfully request the Examiner reconsider this rejection, because the 
'231 patent does not teach the subject matter that Applicants' independent claim 1 defines. 
A system employing pro-active refreshing can refresh the credentials when, say, it is idle or 
not experiencing a heavy processing load, so subsequent attempts to access secured 
resources will tend to experience fewer delays, because credentials tend to be up to date 
when the access attempt is made. Without more, though, pro-active refreshing could prove 
excessively burdensome, and the invention addresses that problem. In accordance with the 
invention, the credentials are stored in respective credential profiles with related 
information, such as freshness constraints, and the method includes, for each profile, 
"making a determination, from that credential profile's related information, of whether that 
credential needs to be refreshed." So, even though the system is refreshing pro-actively, it 
does so selectively and can thereby therefore restrict refreshing to credentials for which 
doing so is most beneficial. 

It is true that the '23 1 patent describes a method by which credentials can be 
refreshed. Its approach is to refresh credentials either at specific intervals or on demand 
('231 col. 5, 11. 60-62). At least in the specific cases in which it mentions refreshing the 
credentials in response to changes in policy ('231 col. 11, 11. 47-57, col. 12, 11. 36-39) or in 
response to requests for access to a secured resource ('231 col. 1 1, 11. 27-30, col. 12, 11. 64- 
67, col. 13 11. 1-2), it is not clear that the refreshing occurs pro-actively. Even if it does, 
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though, the '231 patent's method does not, as Applicants' claimed approach does, base a 
determination of whether to refresh each credentials on related information stored with that 
credential. In the '231 patent's arrangement, information stored in the credentials is used to 
determine whether to grant or deny access to resources, not to determine which credentials 
to refresh. Consequently, the '231 patent's system does not provide the benefit of refreshing 
credentials pro-actively in a way that enables the system to avoid unnecessary computational 
burden. 

The other independent claims, namely, claims 22 and 43, similarly distinguish their 
subject matter from the prior art. Claim 22 is directed to a storage medium whose contents 
configure a processor to perform claim 1 's method, and claim 43 defines an apparatus that 
similarly stores with the credential related information that it uses to determine whether to 
refresh that credential. So all of the independent claims define patentable subject matter, as 
do the dependent claims, at least by virtue of their dependence on those independent claims. 

Applicants therefore request that the Examiner reconsider and withdraw his 



rejections. 
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